package com.newtribe.access;

import java.net.*;
import javax.net.ssl.*;

import java.io.*;
import java.security.*;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;

public class SSLServerManager{
 static int port=8911;


 /*
 *���캯��
 */

 public SSLServerManager()
 {

 }


 public static SSLServerSocket getServerSocket(int thePort)throws Exception {
	 

   String key="ssl.keystore";  //Ҫʹ�õ�֤����

   char keyStorePass[]="111111".toCharArray();  //֤������
   char keyPassword[]="111111".toCharArray();  //֤������ʹ�õ���Ҫ����
   KeyStore ks=KeyStore.getInstance("JKS");  //����JKS��Կ��
   ks.load(new FileInputStream(key),keyStorePass);
   
// init key managers
   KeyManagerFactory kmf=KeyManagerFactory.getInstance("SunX509");
   kmf.init(ks,keyPassword);
   KeyManager[] keyManagers =kmf.getKeyManagers();
//init trust managers
   TrustManagerFactory trust =TrustManagerFactory.getInstance("SunX509") ;
   trust.init(ks);
   TrustManager[] trustManager = trust.getTrustManagers();
   //init ssl/tls context .
   SSLContext sslContext=SSLContext.getInstance("TLS");
   sslContext.init(keyManagers,trustManager,null);
   

   //����������õ�SSL������4����SSLServerSocketFactory,��ͨ���Ĳ�����ͬ
   SSLServerSocketFactory factory=sslContext.getServerSocketFactory();
   SSLServerSocket s=(SSLServerSocket)factory.createServerSocket(thePort);
    return(s);
 }


 public static void main(String args[])throws Exception{
  try
  {
	  SSLServerSocket server=getServerSocket(port);
  // server.setEnabledCipherSuites(new String[]{"SSL_RSA_AES_867"});
   
   server.setNeedClientAuth(false);
   Socket sslSocket =server.accept();
   InputStream in = sslSocket.getInputStream() ;
   byte[] buffer =new byte[10];
   in.read(buffer);
   System.out.println(new String(buffer));

  }catch(Exception e)
  {
     e.printStackTrace();
  }
 }



}

class myX509TrustManager implements X509TrustManager{
	  public myX509TrustManager(){	  
	  }

	  public void checkClientTrusted(X509Certificate[] chain,  String authType) throws CertificateException {
		  
	      System.out.println("cert: " + chain[0].toString() + ", authType: " + authType);

	  }
	     public void checkServerTrusted(X509Certificate[] chain,String authType) throws CertificateException {
	    	 
	    	// for(int i =0 ;i<chain.length;i++)
	         //System.out.println("cert: " + chain[i].getSubjectDN() + ", authType: " + authType);
	     }
	     public X509Certificate[] getAcceptedIssuers() {
	      
	      try {
			InputStream in = new FileInputStream("d:/ca/root.cer") ;
			  CertificateFactory certFactory = CertificateFactory.getInstance("X.509") ;
			  
			  X509Certificate x =  (X509Certificate)certFactory.generateCertificate(in) ;
			  System.out.println("============= trust:\n"+x.toString());
			  return new X509Certificate[]{x};
		} catch (FileNotFoundException e) {
			// TODO Auto-generated catch block
			e.printStackTrace();
		} catch (CertificateException e) {
			// TODO Auto-generated catch block
			e.printStackTrace();
		}
		
		return null ;
	     }
}



